CLAIMS 

What is claimed is: 



1 1 . A method for integrated audit and configuration comprising the computer- 

2 implemented steps of: 

3 receiving a request from a user to analyze first configuration information with a 

4 second set of configuration information; 

5 receiving the first configuration information; 

6 analyzing one or more parameters of the first configuration information with the 

7 second set of configuration information to result in creating and storing 

8 comparison information; 

9 displaying the comparison information; 

10 choosing one or more action mechanisms to provide to the user for each of the one or 

1 1 more parameters based on the comparison information; and 

12 enabling the user to perform one or more actions associated with the one or more 

1 3 action mechanisms. 

1 2. The method of Claim 1, where the second set of configuration information comprises 

2 a set of one or more parameter values; and where the step of analyzing one or more 

3 parameters of the first confirmation information comprises comparing the values of 

4 the one or more parameters in the first configuration information with corresponding 

5 parameter values from the set of one or more parameter values from the second set of 

6 configuration information. 

1 3. The method of Claim 1, where the second set of configuration information comprises 

2 a set of one or more rules; and where the step of analyzing one or more parameters of 

3 the first confirmation information comprises analyzing the one or more parameters of 

4 the first configuration information with respect to the set of one or more rules. 

1 4. The method of Claim 1, where the one or more actions comprise one or more of 

2 toggle actions, fix actions, user input actions, wizard actions, and lockdown actions; 

3 and the one or more action mechanisms comprise one or more of toggle action 
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4 mechanisms, fix action mechanisms, user input action mechanisms, wizard action 

5 mechanisms, and lockdown action mechanisms. 

1 5. The method of Claim 1 , further comprising the steps of: 

2 receiving a second request from the user to perform one action of the one or more 

3 actions; and 

4 performing the one action. 

1 6. The method of Claim 5, where the second request is one of one or more requests to 

2 perform actions, and where the method further comprises the step of performing the 

3 one or more corresponding actions based on the one or more requests to perform 

4 actions, where performing the one or more corresponding actions comprises 

5 constructing new configuration information based on the first configuration 

6 information and each action. 

1 7. The method of Claim 6, further comprising the steps of: 

2 checking the new configuration against an object model of acceptable configurations; 

3 if the changes are not acceptable, displaying a summary of problems. 

1 8. The method of Claim 6, where the new configuration is the configuration for a 

2 configurable system, the configurable system includes one or more configurable 

3 devices; and where the method further comprises the steps of: 

4 receiving a third request to submit the changes; 

5 checking the new configuration information against an object model of acceptable 

6 configurations; and 

7 if the changes are acceptable, configuring the configurable system. 

1 9. The method of Claim 1 , where the first configuration information comprises the 

2 configuration for a configurable system; the configurable system includes one or 

3 more configurable devices; and the first configuration information is for each of the 

4 one or more configurable devices; and where the step of receiving the first 

5 configuration information comprises obtaining the first configuration information for 

6 each of the one or more configurable devices. 
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1 10. The method of Claim 1, where the second set of configuration information is one of 

2 one or more sets of second configuration information; and where the method further 

3 comprises the step of selecting the second set of configuration information based on 

4 the request from the user. 

1 11. The method of Claim 1 , where the second set of configuration information is one or 

2 one or more sets of second configuration information; and where the method further 

3 comprises the step of selecting the second set of configuration information based on 

4 one or more sets of configuration information for a device to be configured. 

1 12. The method of Claim 5, where the one or more actions comprise one or more toggle 

2 actions, and the one or more action mechanisms comprise one or more toggle action 

3 mechanisms, and where the step of performing the action associated with a particular 

4 toggle action mechanism comprises changing a parameter value associated with the 

5 particular toggle action mechanism. 

1 13. The method of Claim 5, where the one or more actions comprise one or more fix 

2 actions, and the one or more action mechanisms comprise one or more fix action 

3 mechanisms, and where the step of performing the action associated with the fix 

4 action mechanism comprises changing a parameter value associated with a particular 

5 fix action mechanism based on a corresponding parameter value in the second set of 

6 configuration information. 

1 14. The method of Claim 5, where the one or more actions comprise one or more user 

2 input actions, and the one or more action mechanisms comprise one or more user 

3 input action mechanisms, and where the step of performing the action associated with 

4 a particular user input action mechanism comprises the steps of: 

5 obtaining user input for a parameter value associated with the particular user input 

6 action mechanism; and 

7 changing the parameter value associated with the particular user input action 

8 mechanism based on the user input. 

1 15. The method of Claim 5, where the one or more actions comprise one or more wizard 

2 actions, and the one or more action mechanisms comprise one or more wizard action 
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3 mechanisms, and where the step of performing the action associated with a particular 

4 wizard action mechanism comprises the step of running a wizard associated with the 

5 particular wizard action mechanism. 

1 16. A method for integrated audit and configuration comprising the steps of: 

2 receiving a request from a user to analyze first configuration information with a 

3 second set of configuration information; 

4 obtaining the first configuration information; 

5 receiving the first configuration information; 

6 analyzing one or more parameters of the first configuration information with the 

7 second set of configuration information to result in creating and storing 

8 comparison information, where the second set of configuration information 

9 comprises a set of one or more rules; and where the step of analyzing one or 

10 more parameters of the first confirmation information comprises analyzing the 

1 1 one or more parameters of the first configuration information with respect to 

12 the set of one or more rules; 

13 displaying the comparison information; 

14 choosing one or more action mechanisms to provide to the user for each of the one or 

1 5 more parameters based on the comparison information; 

16 enabling the user to perform one or more actions associated with the one or more 

1 7 action mechanisms; 

18 receiving a second request from the user to perform one action of the one or more 

19 actions; and 

20 performing the one action, where performing the action comprises constructing new 

21 configuration information based on the first configuration information and the 

22 one action. 

1 17. A method providing an integrated security audit and security configuration for a 

2 network device, comprising the computer-implemented steps of: 

3 receiving a request from a user to analyze first security configuration information 

4 with a second set of security configuration information; 

5 receiving the first security configuration information; 



50325-0828 (Seq. No. 8100) 



-40- 



6 analyzing one or more parameters of the first security configuration information with 

7 the second set of security configuration information to result in creating and 

8 storing comparison information, where the second set of security 

9 configuration information comprises a set of one or more rules; and where the 

10 step of analyzing one or more parameters of the first confirmation information 

1 1 comprises analyzing the one or more parameters of the first security 

12 configuration information with respect to the set of one or more rules; 

1 3 displaying the comparison information; 

14 choosing one or more action mechanisms to provide to the user for each of the one or 

1 5 more parameters based on the comparison information; 

16 enabling the user to perform one or more actions associated with the one or more 

1 7 action mechanisms; 

18 receiving a second request from the user to perform one action of the one or more 

19 actions; and 

20 performing the one action, where performing the action comprises constructing new 

21 security configuration information based on the first security configuration 

22 information and the one action. 

1 18. A machine- readable medium carrying one or more sequences of instructions for 

2 integrated audit and configuration, which instructions, when executed by one or more 

3 processors, cause the one or more processors to carry out the steps of: 

4 receiving a request from a user to analyze first configuration information with a 

5 second set of configuration information; 

6 receiving the first configuration information; 

7 analyzing one or more parameters of the first configuration information with the 

8 second set of configuration information to result in creating and storing 

9 comparison information; 

1 0 displaying the comparison information; 

1 1 choosing one or more action mechanisms to provide to the user for each of the one or 

12 more parameters based on the comparison information; and 

13 enabling the user to perform one or more actions associated with the one or more 

14 action mechanisms. 
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1 19. An apparatus for integrated audit and configuration, comprising: 

2 a network interface that is coupled to a data network for receiving one or more packet 

3 flows therefrom; 

4 a processor; 

5 one or more stored sequences of instructions which, when executed by the processor, 

6 cause the processor to carry out the steps of: 

7 receiving a request from a user to analyze first configuration information with 

8 a second set of configuration information; 

9 receiving the first configuration information; 

10 analyzing one or more parameters of the first configuration information with 

1 1 the second set of configuration information to result in creating and 

12 storing comparison information; 

13 displaying the comparison information; 

14 choosing one or more action mechanisms to provide to the user for each of the 

15 one or more parameters based on the comparison information; and 

16 enabling the user to perform one or more actions associated with the one or 

17 more action mechanisms. 

1 20. An apparatus for integrated audit and configuration, comprising: 

2 means for receiving a request from a user to analyze first configuration information 

3 with a second set of configuration information; 

4 means for receiving the first configuration information; 

5 means for analyzing one or more parameters of the first configuration information 

6 with the second set of configuration information to result in creating and 

7 storing comparison information; 

8 means for displaying the comparison information; 

9 means for choosing one or more action mechanisms to provide to the user for each of 

1 0 the one or more parameters based on the comparison information; and 

1 1 means for enabling the user to perform one or more actions associated with the one or 

12 more action mechanisms. 
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1 21. A machine- readable medium carrying one or more sequences of instructions for 

2 integrated audit and configuration, which instructions, when executed by one or more 

3 processors, cause the one or more processors to carry out the steps of: 

4 receiving a request from a user to analyze first configuration information with a 

5 second set of configuration information; 

6 obtaining the first configuration information; 

7 receiving the first configuration information; 

8 analyzing one or more parameters of the first configuration information with the 

9 second set of configuration information to result in creating and storing 

10 comparison information, where the second set of configuration information 

1 1 comprises a set of one or more rules; and where the step of analyzing one or 

12 more parameters of the first confirmation information comprises analyzing the 

13 one or more parameters of the first configuration information with respect to 

14 the set of one or more rules; 

1 5 displaying the comparison information; 

16 choosing one or more action mechanisms to provide to the user for each of the one or 

1 7 more parameters based on the comparison information; 

18 enabling the user to perform one or more actions associated with the one or more 

1 9 action mechanisms; 

20 receiving a second request from the user to perform one action of the one or more 

21 actions; and 

22 performing the one action, where performing the action comprises constructing new 

23 configuration information based on the first configuration information and the 

24 one action. 

1 22. A machine-readable medium carrying one or more sequences of instructions for 

2 integrated security audit and security configuration, which instructions, when 

3 executed by one or more processors, cause the one or more processors to carry out the 

4 steps of: 

5 receiving a request from a user to analyze first security configuration information 

6 with a second set of security configuration information; 

7 receiving the first security configuration information; 
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8 analyzing one or more parameters of the first security configuration information with 

9 the second set of security configuration information to result in creating and 

10 storing comparison information, where the second set of security 

1 1 configuration information comprises a set of one or more rules; and where the 

12 step of analyzing one or more parameters of the first confirmation information 

13 comprises analyzing the one or more parameters of the first security 

14 configuration information with respect to the set of one or more rules; 

15 displaying the comparison information; 

16 choosing one or more action mechanisms to provide to the user for each of the one or 

1 7 more parameters based on the comparison information; 

1 8 enabling the user to perform one or more actions associated with the one or more 

1 9 action mechanisms; 

20 receiving a second request from the user to perform one action of the one or more 

21 actions; and 

22 performing the one action, where performing the action comprises constructing new 

23 security configuration information based on the first security configuration 

24 information and the one action. 
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